Updated: 11 December 1998 |
OpenVMS System Manager's Manual
Previous | Contents | Index |
A network proxy account allows users on a remote node in a network to access data by way of a local account on your system. Proxy accounts are useful when you want to grant one or more users on a remote node access to specific files, but you do not want to give them a private account on your system. Very often, system managers set up proxy accounts as restricted. You establish and control proxy accounts with the Authorize utility (AUTHORIZE).
With proxy accounts, you can authorize one or more users on a remote node to enter DCL commands that access data from a particular account on your system. Proxy accounts allow remote users to access specific local data (for example, type and print files) without having to log in to your system or use an access control string. Remote users assume the same file access rights as the local account and also receive the default privileges of the local account. The following sections explain the procedures for setting up proxy accounts.
To properly maintain proxy database consistency across all members of a mixed-version OpenVMS Cluster system, you must perform all proxy modifications from either of the following systems:
This restriction ensures that the NET$PROXY.DAT database is updated with correct proxy information.
For more information about proxy accounts, see the OpenVMS Guide to System Security.
6.9.4 Creating Network Proxy Authorization Files
A proxy account permits an authorized user from a remote node to log in to a local node, as if the user owned an account on the local node. Proxy accounts are created and maintained using the Authorize utility (AUTHORIZE). See the OpenVMS System Management Utilities Reference Manual for more information about the Authorize utility.
On OpenVMS systems, the following information is stored in two proxy authorization files, NETPROXY.DAT and NET$PROXY.DAT:
Deleting either NETPROXY.DAT or NET$PROXY.DAT will result in incorrect functioning of proxy access on systems running DECnet for OpenVMS Phase IV. Also, many applications such as ALL-IN-1 rely on NETPROXY.DAT. |
The SYSUAF.DAT file, on your local system, must associate proxy accounts with user accounts. You will probably want to create a "standard access" account in the UAF for proxy accounts. For example, you could create an account named REMOTE_MKT with limited privileges, which allows access to certain data files on your local system.
Suppose you have a group of users on your local system who prepare marketing reports and who rely on input from users on other systems. You would assign the REMOTE_MKT account in SYSUAF.DAT the same group number and default privileges you assign to the local marketing group. In this way, the remote contributors could access any data files that are "owned" by users in your marketing group and that are not protected from group access.
Use the AUTHORIZE command CREATE/PROXY to create and initialize network proxy authorization files:
UAF> CREATE/PROXY |
Create a proxy account by adding entries to the network proxy authorization file; these entries equate one or more users on a remote node to users on your home node.
The command syntax for adding a proxy account is as follows:
ADD/PROXY node::remote-user local-user/DEFAULT [,...] |
You can allow remote users access to up to 16 total local accounts: 1 default proxy account and 15 alternate proxy accounts. Use the /DEFAULT qualifier to specify the default proxy account.
UAF> ADD/PROXY HAL::WALTER REMOTE_MKT/DEFAULT,PROXY2,PROXY3 |
Because the remote user receives the same privileges as the local user, do not set up proxy accounts associated with local accounts that have special privilege. Granting remote users such access powers poses a threat to the security of your system. |
UAF> ADD/PROXY RSTS32::[360,54] GENERIC/DEFAULT |
UAF> ADD/PROXY HAL::* */DEFAULT |
UAF> ADD/PROXY HAL::BARBARA */DEFAULT |
UAF> ADD/PROXY RUBY::DELAPORT DELAPORT/DEFAULT,SYSTEM %UAF-I-NAFADDMSG, proxy from OMNI:.US.RUBY::DELAPORT to DELAPORT added %UAF-I-NAFADDMSG, proxy from OMNI:.US.RUBY::DELAPORT to SYSTEM added |
To remove proxy accounts, use the AUTHORIZE command REMOVE/PROXY; for example:
UAF> REMOVE/PROXY RUBY::DELAPORT SYSTEM |
This command removes proxy access from RUBY::DELAPORT to the local
SYSTEM account.
6.9.7 Displaying Proxy Accounts
To display proxy accounts, use the AUTHORIZE command SHOW/PROXY. This command displays only the first 255 characters of the node name, although the command can handle a maximum of 1024 characters.
The following examples assume that proxy access from RUBY::DELAPORT to the local account DELAPORT has been added to the network proxy authorization file as the default. (The second example shows the DECnet-Plus equivalent of RUBY::DELAPORT.)
UAF> SHOW/PROXY *::* |
RUBY::DELAPORT DELAPORT (D) |
UAF> SHOW/PROXY *::* |
OMNI:.US.RUBY::DELAPORT DELAPORT (D) |
UAF> SHOW/PROXY/OLD *::* |
Whenever a proxy login request occurs, the system verifies that proxy access on the participating nodes is enabled. (By default, both incoming and outgoing proxy access is enabled for each node.)
On systems running DECnet for OpenVMS, you can change proxy access or disable it totally by using the Network Control Program (NCP). The DECnet for OpenVMS Networking Manual describes how to use NCP to control proxy access.
On systems running DECnet-Plus software, you can change proxy access by
using the Network Control Language utility (NCL). The DECnet-Plus Network Control Language Reference
manual describes how to use NCL.
6.10 Managing Mail
When managing user accounts, you might have to manage a user's mail account. For example, you may want to perform the following tasks:
The following sections explain how to perform all of these tasks.
6.10.1 Modifying a User Record
All users can modify and display information about their own records using various SET and SHOW commands available within Mail. These commands access SYS$SYSTEM:VMSMAIL_PROFILE.DATA, which is a single-key indexed sequential file containing information for each user.
With SYSPRV, you can modify the records of other users. Table 6-7 lists the fields in the user profile record and the MAIL command you can use to modify those fields.
Field | Command |
---|---|
Username | -------- |
Forwarding address | SET FORWARD |
Personal name | SET PERSONAL_NAME |
Editor name | SET EDITOR |
Copy SEND/REPLY flags | SET COPY_SELF |
Autopurge flag | SET AUTO_PURGE |
Mail file subdirectory name | SET MAIL_DIRECTORY |
New mail count | READ/NEW |
Default queue | SET QUEUE |
Default form | SET FORM |
Carbon copy enabled | SET CC_PROMPT |
You can arrange mail forwarding for users without accounts on the
system by using the command SET FORWARD/USER=user.
6.10.2 Removing a User Record
Typically, once you have deleted a user's record in the UAF, you will
also want to remove that user's information from the user profile
database. You can remove a record from the user profile database with
the REMOVE command.
6.10.3 AUTHORIZE Flags and Mail
Certain flags set in a user's UAF record can affect the user's Mail environment. You can set the appropriate flags in a user account by specifying the following flags with the /FLAGS qualifiers using AUTHORIZE:
Flag | Meaning |
---|---|
[NO]DISNEWMAIL | Enables or disables the display of the new mail count when the user logs in to the system. |
[NO]DISMAIL | Allows or restricts the receipt of new mail. |
This section contains detailed descriptions of the resource control
attributes you can assign to a user process when creating a record in
the UAF.
6.11.1 Understanding Pages and Pagelets
VAX and Alpha systems allocate and deallocate memory for processes in units called pages. A page on a VAX system is 512 bytes. On Alpha systems, the page size will be one of four values: 8KB (8192 bytes), 16KB, 32KB, or 64KB. A particular Alpha system will implement only one of the four page sizes and the initial set of machines use an 8KB page.
In most cases, Alpha systems present to users, and accept from users, units of memory in a 512-byte quantity called a pagelet. Thus, one pagelet is the same size as one VAX page. Also, on an Alpha 8KB computer, 16 pagelets equal 1 Alpha page. The following conversion table shows the relationship between pages, pagelets, and bytes:
One Alpha pagelet = one VAX page = 512 bytes One Alpha page = 16 Alpha pagelets = 16 VAX pages = 8192 bytes |
Authorize utility commands, parameters, and default values are identical. However, the default values for process quotas related to memory use might be inappropriate for some Alpha system users.
See A Comparison of System Management on OpenVMS AXP and OpenVMS VAX for more information about Alpha system management.
(This manual has been archived but is available in PostScript and
DECW$BOOK (Bookreader) formats on the OpenVMS Documentation CD-ROM. A
printed book can be ordered through DECdirect (800-354-4825).)
6.11.2 Setting Limits on System Resources
Each system user is limited in the consumption of such resources as system memory, volatile (pagefile) disk space, number of processes, and I/O requests. You set limits when you create an account for the user with the Authorize utility.
Limits control the way in which a process shares its allotment of a resource with the subprocesses it creates. In addition to restricting the number of processes that a single user or account has at any given time, the system uses four types of limits for sharing resources. Table 6-1 describes these limits.
When you create an account, you assign values to the limits shown in Table 6-8. These limits are described in the following sections. Usually, you simply assign the default values for these limits. However, see the OpenVMS Performance Management for a discussion of how to evaluate and adjust the limits in the context of performance optimization strategies.
Table 6-8 summarizes each of these limits, the value supplied in the UAF record for the SYSTEM and DEFAULT accounts, and the type of limit.
Limit | VAX SYSTEM Value | VAX DEFAULT Value | Alpha SYSTEM Value | Alpha DEFAULT Value | Type1 | Description |
---|---|---|---|---|---|---|
ASTlm | 50 | 0 | 250 | 250 | N | AST queue limit |
BIOlm | 40 | 40 | 150 | 150 | N | Buffered I/O count limit |
Bytlm | 32768 | 32768 | 64000 | 64000 | P | Buffered I/O byte count limit |
CPU | 0 | 0 | 0 | 0 | D | CPU time limit (0 = no limit) |
DIOlm | 40 | 40 | 150 | 150 | N | Direct I/O count limit |
Enqlm | 300 | 200 | 2000 | 2000 | P | Enqueue quota |
Fillm | 300 | 300 | 100 | 100 | P | Open file limit |
JTquota | 4096 | 4096 | 4096 | 4096 | P | Initial byte quota for jobwide logical name table |
Maxacctjobs | 0 | 0 | 0 | 0 | S | Maximum active processes for a single account (0 = no limit) |
Maxdetach | 0 | 0 | 0 | 0 | S | Maximum detached processes for a single user name (0 = no limit) |
Maxjobs | 0 | 0 | 0 | 0 | S | Maximum active processes for a single user name (0 = no limit) |
Pgflquo | 20480 pages | 32768 pages | 50000 pagelets | 50000 pagelets | P | Page file limit |
Prclm | 10 | 2 | 10 | 8 | P | Subprocess creation limit |
TQElm | 30 | 40 | 20 | 10 | P | Timer queue entry limit |
WSdef 2 | 256 pages | 256 pages | 2000 pagelets | 2000 pagelets | N | Default working set size |
WSextent 2 | 40960 pages | 1024 pages | 16384 pagelets | 16384 pagelets | N | Working set extent |
WSquo 2 | 512 pages | 512 pages | 4000 pagelets | 4000 pagelets | N | Working set quota |
Table 6-9 shows the names and descriptions of the SYSTEM and DEFAULT accounts whose values are listed in Table 6-8. The /EXPIRATION qualifier is also described in Table 6-9.
Account | Description |
---|---|
AST Queue Limit (ASTlm) |
Limits the sum of the following amounts:
This limit affects all system services that accept an AST address as an argument, and the Schedule Wakeup ($SCHDWK) system service. If the deferred write option (DFW) is enabled, the number of ASTs used per file is equal to 1, plus the number of record streams, plus the multibuffer count. Otherwise, the number is 1 plus the number of record streams. |
Buffered I/O Count Limit (BIOlm) |
Limits the number of outstanding buffered I/O operations permitted for
a user's process.
In a buffered I/O operation, the data transfer takes place from an intermediate buffer in the system pool, not from a process-specified buffer. Buffered operations for a user process include terminal I/O, file system and network I/O, card reader input, and unspooled printer output. During a buffered I/O operation, the pages containing the process-specified buffer need not be locked in memory. |
Buffered I/O Byte Count Limit (Bytlm) |
Limits the amount of buffer space that a user's process can use.
This buffer space is used for buffered I/O operations and for the creation of temporary mailboxes. It also limits the number of mapping windows the user can create as segmented (or cathedral) windows. Cathedral windows are primarily useful for reducing the overhead required to read large files. |
CPU Time Limit (CPU) |
Limits the amount of CPU time that a user's process can use per session.
The time must be specified in abbreviated delta format hh:mm:ss.cc. CPU is a deductible limit with a suggested typical value of 0 (no limit) but the value applies only to this instance or to other instances of the user's processes. CPU is not cumulative across separate sessions or batch jobs. |
Direct I/O Count Limit (DIOlm) |
Limits the number of outstanding direct I/O operations permitted to a
user's process.
In a direct I/O operation, the data transfer takes place directly from a process-specified buffer. Direct I/O operations for a user process typically include disk and tape I/O. The pages containing this buffer are locked in memory by the operating system during the direct I/O operation. DIOlm is a nondeductible limit. |
Enqueue Quota (Enqlm) |
Limits the number of locks a process (and its subprocesses) can own.
OpenVMS Record Management Services (RMS) uses the Lock Management
facility to synchronize shared file access, global buffers, and record
locks. Because RMS removes one lock for every shared file, local
buffer, global buffer section, and outstanding record lock, users who
expect to perform large amounts of RMS file sharing should have Enqlm
set to a large value.
If your process performs extensive RMS file sharing without sufficient enqueue quota, you could receive the SS$_EXENQLM error message. Furthermore, if your system performs extensive RMS file sharing and the value of the LOCKIDTBL system parameter is too low, you could receive the SS$_NOLOCKID error message. Note that whenever you increase the value of LOCKIDTBL, you might have to increase the value of the RESHASHTBL system parameter. (See the OpenVMS System Management Utilities Reference Manual.) For shared files, the value of Enqlm should represent the number of files open as shared multiplied by the number of locks per process per file.
Prior to OpenVMS Version 7.1, the limit for Enqlm was 32767. Setting Enqlm to this former maximum value automatically scales Enqlm internally to the architectural maximum value. Thus, in effect, the process has an unlimited enqueue quota but does not need the privilege to ignore quotas. Use the DCL command SHOW RMS_DEFAULT to display the default multibuffer counts. Enqlm is a pooled limit. |
Expiration Date and Time (EXPIRATION) | Qualifier that specifies the expiration date and time of the account. The /NOEXPIRATION qualifier removes the expiration date on the account or resets the expiration time for expired accounts. The /EXPIRATION qualifier does not affect the expiration of passwords. |
Open File Limit (Fillm) |
Limits the number of files that a user's process can have open at one
time. This limit includes the number of network logical links that can
be active at the same time.
Fillm is a pooled limit. Note that each open file also requires at least 96 bytes of Bytlm. |
Job Table Quota (JTquota) |
Specifies the initial byte quota with which the jobwide logical name
table is to be created.
JTquota is a pooled quota. |
Maximum Account Jobs Limit (Maxacctjobs) |
Specifies the maximum number of batch, interactive, and detached
processes that might be active at one time for all users of a single
account.
Maxacctjobs is a systemwide limit. |
Maximum Detached Processes Limit (Maxdetach) |
Specifies the maximum number of detached processes with the cited user
name that can be active at one time. MAXDETACH can also be used to
control the number of virtual terminals a user can have. To prevent the
user from creating detached processes, specify the keyword NONE. By
default, a user has a value of 0, which represents an unlimited number.
Maxdetach is a systemwide limit. |
Maximum Process Jobs Limit (Maxjobs) |
Specifies the maximum number of interactive, batch, and detached
processes that can be active at one time for the cited user name.
Maxjobs is a systemwide limit. |
Page File Limit (Pgflquo) |
Limits the number of pages that the user's process can use in the
system page file. The page file provides temporary disk storage for
pages forced out of memory by a memory management operation. Pgflquo
limits the total virtual address space that can be created using the
Create Virtual Address Space ($CRETVA) or Expand Program/Control Region
($EXPREG) system services.
Pgflquo is a pooled limit. |
Subprocess Creation Limit (Prclm) |
Limits the number of subprocesses a user's process can create.
The process created when a user logs in to the system can in turn create subprocesses. These subprocesses are all accountable to the user and share the resources allotted to the initial process. Prclm is a pooled limit. |
Timer Queue Entry Limit (TQElm) |
Limits either of the following amounts:
This limit does not govern the creation of permanent event flag clusters. Timer queue entries are used in time-dependent scheduling; common event flags are used in synchronizing activities among groups of cooperating processes. TQElm is a pooled limit. |
Default Working Set Size (WSdef) |
Sets the initial working set size limit for a user's process.
WSdef is a nondeductible limit. If the value specified exceeds the value of WSquo, the lesser value is used. |
Working Set Extent (WSextent) |
Specifies the maximum size to which a user's physical memory usage can
grow, independent of the system load. This enlargement of the physical
memory for a user is accomplished by the Adjust Working Set Limit
($ADJWSL) system service, and is normally done for the user by the
operating system in response to heavy page faulting by the user.
WSextent is a nondeductible quota. This value should always be greater than or equal to WSquo. The value is controlled by the system parameter WSMAX. Note that PQL_MWSEXTENT will overwrite the account's value for WSextent if PQL_MWSEXTENT is larger than WSextent. |
Working Set Quota (WSquo) |
Specifies the working set quota. This is the maximum amount of physical
memory a user process can lock into its working set. It also represents
the maximum amount of swap space that the system reserves for this
process and the maximum amount of physical memory that the system
allows the process to consume if the systemwide memory demand is
significant. This parameter guarantees the user that the number of
physical pages specified will be available. The maximum value of WSquo
is 64K pages.
WSquo is a nondeductible quota. This value should be greater than or equal to WSdef. The value is capped by the system parameter WSMAX. |
Previous | Next | Contents | Index |
Copyright © Compaq Computer Corporation 1998. All rights reserved. Legal |
6017PRO_023.HTML
|